So I made my own serial key generation software, using ECDSA, for use in my own applications and it works great so far! To keep the serial key short enough I use a 128 bit EC curve. My final signature ...

In the Bernstein et al. paper about EdDSA, the authors claim EdDSA is resilient against collisions (i.e. it can still be secure even if the hash function used isn't collision-resistant), drawing on a ...

In the IETF RFC draft named "SM2 Digital Signature Algorithm" a signature algorithm is specified. The RFC does however not mention why this signature algorithm has been defined. Nor does it specify ...

Alice has a value $a$ and she signs it using her secret key $d_1$ as: $s_1 = (r_1 * g^a)^{d_1} \bmod p$, and Bob has a value $b$ and he signs it using his secret key $d_2$ as: $s_2 = (r_2 * g^b)^{d_2} ...

I'm looking for a very detailed example of proof by reduction. Say we have two or three protocols (that have been proven secure) and we construct a new protocol. We want to provide a proof of security ...

I'm attempting to automate some checks against a large list of .NET assemblies, and want to include a test to see if the RSA parameters used to sign the assemblies are sensible. However, since I don't ...

I'm trying to get a grip on how Schnorr signature works. Suppose Alice sends Trent a tuple $(P, M)$, which contains a payload and a message to be signed by him. She then passes the certificate to Bob ...

Can an adversary who haven't seen the message before forge the signature of that message?
The adversary has seen
$σ_1 = (m_1)^d \bmod N$ and
$σ_2 = (m_2)^d \bmod N$
He forges
$m' = m_1\cdot m_2$
$σ' ...

I need to do digital signing of my request data which will be sent to the server. My server sends distinct private keys to her clients after authentication and expects all responses to be digitally ...

I am writing you because I want to implement the DPS signature with elliptic curves in Java.
I found this library http://docs.oracle.com/javase/7/docs/api/java/security/spec/package-summary.html which ...

In Merkle Signature, it also requires one-time signature to be used once for a message. The signature in Merkle scheme is even longer compared to Lamport one time signature. The verifier also has more ...

I am interested in comparing the computational performance of two signature schemes. However, I am unsure how to do that. My candidates are RSA and Shamir's ID Based Signature scheme. To get a fair ...

I have read that in cases where there is a limit on the amount of data sent over the network, one idea is to sent only $t$ bits of data rather than sending all the bits. For example, in the Schnorr ...

I want to create a smart house project, and in that i bought some simple
RF modules. Those modules don't support crypto out of the box but i want to connect them to a device that i would program to ...

I've the following scenario: One application signs JWT access/id tokens using the private key contained in a self-signed certificate, and then passes its public key to other parties to validate that ...

I am trying to understand the practical usage of sanitizable signatures particularly on Chameleon Hashing and Signatures. Chameleon hash, or trapdoor function allow parties with the knowledge of the ...

If I implement EMSA-PKCS1-v1_5 in the following two non-standard ways, what kind of things could go wrong?
The padding structure will be referred as (00|01|PS|00|DER(Digest Algo)|Digest), where | is ...

While reading a literature on signature schemes, I came across the concept of Existential Unforgeability of signature scheme against Adaptive Chosen Message Attack. Can anyone point me to the paper ...

I am starting to learn more about cryptography and I just read more about how asymmetric keys can make a digital certificate, and I would like if someone could explain me why the following case can't ...

I have several problems approaching the following problem:
Let's assume that we have Alice, Bob and Cathy. Alice wants to present a message to Cathy, showing her that someone else has signed it (Bob), ...

I have to decide, whether a document, which I am given, was correctly signed by a private key.
my Ideas is to sign the document id using RSA with the private key and to print the following onto the ...